// middleware/auth.go

package middleware

import (
	"net/http"

	"github.com/gin-gonic/gin"
)

func AuthMiddleware(excludePaths ...string) gin.HandlerFunc {
	return func(c *gin.Context) {
		// 检查当前请求路径是否在排除列表中
		path := c.Request.URL.Path
		for _, excludePath := range excludePaths {
			if path == excludePath {
				// 如果当前路径在排除列表中，则跳过鉴权
				c.Next()
				return
			}
		}

		// 这里添加你的鉴权逻辑，比如检查请求头中的 token
		token := c.GetHeader("Authorization")
		if token != "your-secret-token" {
			c.JSON(http.StatusUnauthorized, gin.H{"error": "unauthorized"})
			c.Abort()
			return
		}

		// 如果鉴权通过，继续处理请求
		c.Next()
	}
}
